The Journal of Physical Security 
Volume 12(3), 2019 



IN THIS ISSUE...
Editor’s Comments, pages i-v
C Holder, “Automatic Vehicle Gate Systems Design”, pages 1-3
JT Jackson, “3D Magnetometer Array Replaces Traditional Balanced Magnetic Switch”, pages 4-14
I Urhuogo-Idierukevbe, A Addo, TL Anderson, and FM Khan, “Physical Security Best Practices”, pages 15-29
RG Johnston, “Design Reviews Versus Vulnerability Assessments for Physical Security”, pages 30-32


Table of Contents
Journal of Physical Security, Volume 12(3), 2019

Available at http://jps.rbsekurity.com

Editor’s Comments, pages i-v
C Holder, “Automatic Vehicle Gate Systems Design”, pages 1-3
JT Jackson, “3D Magnetometer Array Replaces Traditional Balanced Magnetic Switch”, pages 4-14
I Urhuogo-Idierukevbe, A Addo, TL Anderson, and FM Khan, “Physical Security Best Practices”, pages 15-29
RG Johnston, “Design Reviews Versus Vulnerability Assessments for Physical Security”, pages 30-32


Journal of Physical Security 12(3), i-v (2019) 


Editor’s Comments 


Welcome to volume 12, issue 3 of the Journal of Physical Security (JPS). In addition to the 
usual editor’s rants and news about security that appear immediately below, this issue has 
papers about automatic vehicle security gates, 3D magnetometer arrays as a more secure 
replacement for BMS, best practices in physical security, and design reviews vs. vulnerability
assessments.


All papers are anonymously peer reviewed unless otherwise noted. We are very grateful 
indeed to the reviewers who contribute their time and expertise to advance our understanding
of security without receiving recognition or compensation. This is the true sign of
a professional! 


Past issues of JPS are available at http://jps.rbsekurity.com, and you can also sign up
there to be notified by email when a new issue becomes available. A cumulative table of
contents for the years 2004 through March 2019 is available at
http://rbsekurity.com/JPS Archives/grand jps TOC.pdf


JPS is hosted by Right Brain Sekurity (RBS) as a free public service. RBS is a small 
company devoted to physical security consulting, vulnerability assessments, and R&D. 


(http://rbsekurity.com) 


As usual, the views expressed in these papers and the editor’s comments are those of the 
author(s) and should not necessarily be ascribed to their home institution(s) or to Right 
Brain Sekurity. 


* * * * *
Don’t Pass Along the Boarding Pass 
Don’t leave your boarding pass on the plane after the flight! It contains a lot of personal
information. See
https://www.huffingtonpost.ca/entry/hackers-boarding-pass-data_5de95730e4b00149f73d9ce3


* * * * *


2020 Vision 


Be careful dating checks and documents in this way: 1/15/20. It makes things easier for
bad guys to re-date as “1/15/2000” or “1/15/2021”. See
https://www.usatoday.com/story/news/nation/2020/01/02/do-not-abbreviate-year-2020-in-date/2795857001/


* * * * *




Campus Security & Safety 

Check out this web page for some informative examples of campus safety and security
blunders by hospitals, schools, and universities:
https://www.campussafetymagazine.com/safety/ridiculous-campus-security-mistakes

On a related note, I recently examined some issues of the Journal of Healthcare Protection
Management, and was reminded what a useful resource it is for security. See
https://www.iahss.org/page/Journal


* * * * *


Secret Service Study 
The new Secret Service report on school violence is well done and definitely worth a look
and consideration:
https://www.secretservice.gov/data/protection/ntac/usss-analysis-of-targeted-school-violence.pdf


* * * * *


Jewel Heist 


Crooks got away with robbery of the Grünes Gewölbe Museum in Dresden. Most or all of
the loot will probably never be recovered.


* * * * *


Mission Creep 


A security guard apparently attempted to break up an on-field fight during an Australian
Rules Football game in Tasmania and was much ridiculed.


* * * * *


Freedom Declines 




Freedom House’s annual report on the state of freedom in the world notes that 68
countries experienced a decline in political rights and civil liberties, while only 50 countries
gained. In 2019, law enforcement in 47 countries arrested citizens for posting political,
social, or religious speech online. See
https://freedomhouse.org/report/freedom-world/freedom-world-2019


* * * * *


New Technology 


This article in Forbes is worth pondering if you are considering incorporating new
security technology into your Enterprise Security:
https://www.forbes.com/sites/forbestechcouncil/2019/10/10/eight-key-questions-to-consider-before-adding-new-tech-in-your-organization/#56c38d3428b9


* * * * *


Real-ID 


I recently had to renew my driver’s license and get the new federal “REAL ID”. (See
https://www.dhs.gov/real-id) The amount of documentation and personal information
that has to be provided is truly onerous. (I got tripped up on my underwear size.) After
nearly 2 hours of waiting in various lines at the Motor Vehicle Department, I did get
through the process.


This particular piece of insane Security Theater from DHS Keystone Kops goes against 
the entire purpose of Security Theater. Security Theater is supposed to have “feel good” 
attributes, and to be less work and less painful for citizens and/or government officials 
than Real Security. None of these things are true for REAL ID Security Theater. 


* * * * *


Not So Smart After All


Computer scientists are struggling to deal with how easily Artificial Intelligence (AI)
systems can be spoofed:
https://www.npr.org/2019/09/18/762046356/u-s-military-researchers-work-to-fix-easily-fooled-ai


Nothing surprising here. High-tech is typically easy to spoof, even with low-tech 
methods. 


* * * * *






Wandering DNA 
A man with leukemia had a bone marrow transplant, just as tens of thousands of patients
do each year for a variety of medical ailments. It turns out that the donor’s DNA traveled all
throughout his body, creating real issues for using DNA forensics to solve crimes. See
https://www.nytimes.com/2019/12/07/us/dna-bone-marrow-transplant-crime-lab.html


* * * * *


SOS for SMS 
Popular Mechanics had a good article on SMS texting and why it is not secure. See “How
SMS Works and Why You Shouldn’t Use It Anymore”,
https://www.popularmechanics.com/technology/security/a29789903/what-is-sms


* * * * *


Cyber Security Blunders 


Check out this website that lists the year’s most absurd and inept cyber security
blunders:
https://portswigger.net/daily-swig/the-year-in-stupidsecurity-2019s-biggest-security-and-privacy-blunders


* * * * *


Beautiful Security 


Artist Addie Wagenknecht has created some brilliant videos teaching women about online
security while offering facetious beauty and makeup tips. See
https://www.fastcompany.com/90301667/youtubes-best-beauty-tutorials-dont-teach-you-anything-about-makeup

* * * * *

Security for Show 
The TV show The Masked Singer, which even the host calls “the most ridiculous show on
television”, reportedly deploys serious security to protect the identity of the mystery
singers.


It’s good to see people getting security right when it really matters! 


* * * * *


The Level of Sophistication of Many Seal Users 


When the young mother returned from the grocery store, her 7-year-old son pulled out 
the box of animal crackers he had begged for. He spread the animal-shaped crackers all 
over the kitchen table and examined each one closely. “What are you doing?” his mom 
asked. “The box says you can’t eat them if the seal is broken,” the boy explained, “So I’m 
looking for the seal.” 


* * * * *


-- Roger Johnston 
Oswego, Illinois 
December 2019 


Journal of Physical Security 12(3), 1-3 (2019) 


Viewpoint Paper 


Automatic Vehicle Gate Systems Design 


Cliff Holder, PSP 
Certified Automatic Gate Systems Designer 
Automatic Systems 


Over the last 16 years of designing and installing automated vehicle gate entry systems, I’ve
seen a wide variety of design mistakes. These mistakes can cost property owners a lot in wasted
time and money when the system does not work as planned, and they contribute to user and
owner frustration and dissatisfaction. In many instances, these mistakes have made vulnerable
the very things the system was designed to protect.


It is important to remember that a vehicle entry point is a “hole in your fence line (or 
perimeter security)” but it should not be your weakest spot. 


Here are five of the most common vehicle gate design mistakes I see, and how to best avoid 
them: 


1. Choosing the wrong gate for the application. Like any security project, selection of the 
right product is critical to ensure the product meets your security requirements. One of the first 
things I tell everyone is, “don’t cut and paste specifications.” Just because one type of gate 
worked well on a previous project does not necessarily mean it will be the right product on your 
next project. 


Remember that just because your roadway is 30 feet wide does not mean you need a 30-foot
gate. After evaluating the types of vehicles, the approach and turning radius, and other factors,
you may require only a 15-foot-wide system. The longer a gate is open, the longer your facility is
exposed to risks.


Best practice: Conduct a Threat and Risk Assessment (TRA) and understand the risks to the 
type of facility and know the security objectives of the project. Seek an industry expert to be 
educated on the many types of gates on the market today, and learn about the advantages/ 
disadvantages of each. Never get “sold” by the next cool looking product you see at a trade 
show. 


2. Guessing about the number of vehicles that will use the gate each day. Many people
make an “educated guess” on the number of vehicles entering/leaving each day. Often, this
results in the wrong automated gate system being used for the application. A system that is
designed more for a residential home but put into a commercial application may not be capable
of the increased daily cycles, which will result in potentially higher maintenance costs and/or a
shorter product life span.

It may have a lower capital cost, but the Total Cost of Ownership (TCO) could be many times
more.


Best practice: Install a vehicle counter for three weeks to get an accurate view of expected
daily cycles. You will also see the peak traffic times, which can affect traffic flow, especially if you
are planning to cycle the gate for each vehicle.


3. Placing the pedestal in relation to the gate. Sounds simple, right? Pedestals provide a
mounting solution for your access control devices, such as card readers, intercoms, keypads and
security cameras. Allowance needs to be made for the types of vehicles using the system.
You also need to consider the weather conditions: the “skid factor”, as I call it, when snow or ice
conditions can cause problems. Also, consider if the pedestal will be dual height or single
height. Placement is critical so that a driver can pull up parallel beside the device and reach it
easily from the vehicle.


Best practice: By placing the pedestals directly perpendicular to the gate, and at a distance 
allowing for the types of vehicles using the gate, a driver will find it easy to use, and the risk of 
damage to the gate is reduced. It is always important to install bollards to protect your 
pedestals and the gate. Note - a typical concrete filled bollard is not crash rated. You may 
wish to invest in tested bollards to protect your investment from accidental damage — it will be 
your cheapest and best insurance ever. 


4. Not calculating how the gate will impact traffic. The installation of an automated gate will, 
by design, create traffic flow issues. Will the opening/closing for each vehicle create line ups of 
traffic either inside or outside the property? Proper design must ensure that traffic is not backing 
up onto a public road when accessing the property. 


Best practice: By knowing the number of cycles expected per day, and identifying if
there are peak traffic times, you’ll have the best idea how to determine the correct type of
automated vehicle gate system for the project. Review the actual planned locations and see if the
gate can be set further into the property. A small time investment is to set up a series of traffic
cones identifying the planned location of the gate, and then monitor to see how drivers maneuver
through them. If the cones are continually hit, the location may not be the best. Allow for the
turning radius of vehicles on both sides of the gate. Sometimes existing tire tracks on the ground
show how vehicles approach and pass through the area. Tracks in snow are even more effective,
as you can see below!




5. Failing to consider how visitors will access a gated property. Due to liability and security 
issues, it’s a must to design the access in ways to prevent pedestrian access through any 
automated gate. Always provide a dedicated pedestrian entry portal, such as a full height 
turnstile, if parking is outside of the facility. 


Best practice: Good directional signage showing parking for visitors will help reduce the risk
of pedestrian access through an automated gate. Signage also helps prevent the bottleneck at
the gate location caused by the “lost driver” slowing down entry for approved drivers. If visitor
vehicles are allowed through the gate and it is unmanned, provide them with advance information
via an email giving instructions and the location of the intercom where they announce themselves
when they arrive.


In summary, there is more to a vehicle gate project than meets the eye. A line on a drawing
reading “Automated Gate - TYP” provides no performance or specification criteria, which in a
bidding environment will leave the end user with a system that may not meet their needs or
security objective. The result can be costly retrofit projects.


These are just some of the most common automatic gate system design mistakes I have seen,
and some of the countermeasures I can suggest. There are other considerations on these projects,
and I am always pleased to provide advice if you are planning a gate project. 


About the Author 


Cliff Holder is a Regional Sales Manager for Automatic Systems. He can be contacted on 
LinkedIn or at cholder@automatic-systems.com. 


Journal of Physical Security 12(3), 4-14 (2019) 


3D Magnetometer Array Replaces 
Traditional Balanced Magnetic Switch 


John T. Jackson, Jr., MS 
Jackson Research 


www.jrmagnetics.com 


Abstract 


The Balanced Magnetic Switch (BMS) developed and fielded for high-security applications 
was rendered problematic by the development of a previously demonstrated Trivial Defeat 
Method. Several attempts to salvage the technology by employing very large actuator 
magnets and UL634 Class II certification have also failed. The problem is that the glass reed 
array and other related technologies cannot distinguish one magnet from another. To 
counter this, a 3D magnetometer array with algorithms related to facial recognition 
algorithms and some Digital Signal Processing (DSP) is required. A new type of technology 
is presented here that replaces the obsolete BMS with a new magnetometer array approach 
that recognizes unique, complex magnetic fields. 


Introduction 


It is necessary to update the history of the Balanced Magnetic Switch presented 
previously.[1] In my view, the traditional Balanced Magnetic Switch (BMS) is not just 
obsolete, but actually a security risk. The next step for improving magnetic security sensors 
is a 3D Magnetometer Array employing embedded smart algorithms analogous to state-of- 
the-art facial recognition algorithms using modern Digital Signal Processing (DSP). This new 
technology employs Artificial Intelligence (AI) to observe, interpret the magnetic field shape, 
and detect attempted tampering or spoofing. It is ideal for use with encrypted, high-security 
RS485 serial networks. 


History 


Figure 1 shows a single classical glass reed magnetic contact switch mounted on a steel 
door. Clearly, a single permanent magnet can be attached to the switch, which would go 
largely unnoticed, and defeat the sensor. There are numerous other examples, some of 
which include defeating single magnetic contacts similar to this one through window glass 
from the outside. This is why the Balanced Magnetic Switch (BMS) was invented by Holce
[2] in the first place as a better approach. A more detailed historical account can be found
in reference [1].


Figure 1: Classical Glass Reed Magnetic Contact Installation 


My 1997 BMS patent [3] was the first device to get around the Holce patent, and it met the
Federal Specification [4] that had been written around the Holce switch. Those original US
government specifications remain unchanged to this day. An example device is the black
Securitron BMS shown in figure 2. A few years later, the Holce patent ran out and several
other companies introduced clones or similar implementations. The Honeywell switch also
shown in Figure 2 is one of the first examples of these. They are based on the same
underlying principle: triple biased glass reeds. They are all vulnerable to the defeat keys
that I have been selling as “Defeat Sticks”. [1]


Several companies created BMS type sensors based upon Hall effect magnetic sensors. In every
case, they were using either Hall switches with fixed trip points or analog devices in combination
with comparators at fixed trip points. This is just a different means of doing the same thing as the
glass reed. It is the same operational paradigm, just employing a different type of sensor. The
Hall devices are actually directional, which offered some advantage, but failed to resist the “Trivial
Defeat Test” [1]. Any sensor technology placed in three locations to detect a specific absolute
magnetic potential field can always be triggered by an infinite number of actuator permanent
magnets. At that time, supplying 12 volts power to any kind of sensor device at the door was
operationally problematic.


There are many assembly and operational problems associated with glass reed technology.
It is banned for US military equipment and all satellites. Something more robust and less
fragile was required. A new type of BMS was needed that avoided conventional Hall effect
sensors.




This new approach is documented in references [5] and [6], and culminated in several novel
patented types of magnetic contact switches and corresponding BMS. It was more resistant to
the Trivial Defeat, but still had one fatal flaw—it was still working with the same operational
paradigm. Much later I would discover how to defeat this device using very thin neodymium
permanent magnets in an upgraded version of Defeat Stick for enhanced Trivial Defeat.


Another company developed their own version of this design and eventually discovered that
their BMS was also vulnerable to the Trivial Defeat. To deal with this problem, they made the
actuator magnet so large that an adversary would have trouble finding a smaller magnet that
could fit in the air gap using existing permanent magnet materials. This design was incorporated
into the UL634 Class II specification [20], but only a slightly different approach was needed to
defeat even this apparatus.


Figure 2: Classical Balanced Magnetic Switches (BMS)


Trivial Defeat of UL634 Class II High Security Switches 


All magnetic contacts of whatsoever type can be defeated by the Trivial Means. The
problem is that all magnetic contacts are potential comparators that measure the absolute
value of the magnetic field. There are an infinite number of permanent magnets that can
create the required field strength to activate the magnetic contact. This attack reroutes the
neodymium permanent magnetic field through a high permeability shunt, 1018 iron, into the
gap. The idea that UL634 Class II devices cannot be defeated only needs one example to
render it invalid. Figure 3 demonstrates a successful attack. The photo shows a green light
on the alarm status meter indicating a safe or secure alarm state. The VOM verifies
the indication. Obviously, the large defeat magnet used is inconvenient, but it clearly
demonstrates the feasibility of creating a regular defeat tool.


The actuator magnet housing used in the device is the same size as the switch housing,
shown in figure 3. The neodymium magnet inside is huge. The radiated magnetic field is
likewise quite intense. Several problems arise due to this excessively large actuator magnet.
Metal doors and frames are particularly problematic for this type of device. Mounting it
creates forces capable of causing serious injury to the installer’s hands because of the strong
magnetic attraction between the actuator and the ferromagnetic door material.


Moreover, the strong magnetic field between the door-mounted actuator and the metal door
casing may require excessive force to open the door and may cause the door to slam shut
when releasing the door handle, or else require a strong, deliberate push to close the
door when the actuator magnet attempts to latch onto the metal door casing.


The radiated field of such large magnets may violate EU regulations regarding radiated
static magnetic fields, depicted in figure 5. The Gauss Meter Android app downloaded from
the Google Play Store to a smart phone is shown in figure 4. The app easily measures static
radiated magnetic fields. The magnet actuator associated with the switch shown in figure 3
radiates a field in excess of the minimum field strength regulation at chest level and exceeds
it several times at head level when standing near a wooden door installation.


Figure 3: Trivial Defeat of a UL634 Class II Device




Figure 4: Smart Phone Gauss Meter App 




[Figure 5 chart, image not reproduced: EU exposure limits for electric fields (values in kV/m)
and magnetic fields (values in mT, with a separate limb limit), derived from dosimetry, all
values at 50 Hz]


Figure 5: EU Radiated Electric and Magnetic Field Regulations


The UL634 Class II standard requires excessively large actuator magnets to meet the 
standard. This creates other problems and does not mitigate the Trivial Defeat issue. 


The 3D Magnetometer Array 


Countering the Trivial Defeat requires a new sensor paradigm. It is helpful to create a 
sensor that can see the shape of a magnetic field and distinguish between magnets uniquely, 
much like facial recognition algorithms. This leads to a device where only one unique 
permanent magnet actuator can operate the sensor. Exactly identical copies of this magnet 
actuator assembly can operate the sensor, but nothing else. This can only be achieved, if an 
array of magnetometers is used to measure the 3D field shape in real time. It is analogous to 
using biometrics, such as a fingerprint. 




Figure 6 shows a typical BMS actuator magnet assembly magnetic field. It is the classical
triple bias type of field used to prevent the use of a single magnet to trick the traditional
triple balanced sensor. The field plot is generated by an FEM magnetics program and takes a
slice out of the middle of the actuator. Different permanent magnet assemblies may resemble
the shape of the field and present the correct absolute value of magnetic potential field to the
traditional BMS sensors from a different physical position, such as the air gap between the BMS
and the actuator, but not to a properly constructed magnetometer array.


Figure 6: Cross Section Magnetic Field Plot of Typical BMS


Every unique assembly of permanent magnets generates a unique 3D vector field.[7]
Orientation and material type will determine the shape of the field, distinguishing it uniquely
from every other assembly. Figure 7 is an example of a specific combination of permanent
magnets and the 3D field that it generates. Making every actuator magnet assembly unique,
like a password, is not necessary. A duplicate actuator would have to be placed in exactly the
same position as the original, which means the door must be open and cannot be closed
without a momentary disruption for this to work.


Figure 7: 3D Magnetic Field Lines Plot


Building unique permanent magnet actuators, like a password, can be achieved as a 
practical matter with this technology. The intruder would need an exact duplicate of the 
actuator that would only work when the door is open. But, for most installations, this is 
excessive. Only in rare special cases should anything like that be contemplated for security 
switch design. 


One previous application of the unique field concept was by a means to protect containers 
from tampering.[7] In stark contrast to a security switch design, where the details of the 
magnet structure and the sensor types and positions are well known in advance, this 
approach relies upon complex placement and orientation of magnets and arbitrary 
placement of a sensor. The position of the sensor and the magnitude of the vector field at 
that point must be transmitted separately. 




An example of an actual 3D magnetometer array mounted on a PCB is shown in figure 8. 
This magnetometer array uses the High Security Sensor shown in Figure 9. This array 
includes a three axis sensor matrix with a DSP MCU on the bottom of the board (not shown). 
The three-axis sensor provides the measurement of the vectors at 9 physical locations of a 
matrix composed of x, y, and z vector components. As a practical matter, this is typically 
adequate to define a 3D magnetic field uniquely. 


As long as we are within the sphere of influence of the magnetometer sensor array and
permanent magnet actuator, the magnetic field will always be uniquely defined. This is in
strong contrast to various facial recognition algorithms.


Figure 8: Vector Magnetometer Array 


Figure 9: High Security 3D Vector Magnetometer Array Door Installation 




Facial Recognition Algorithms 


In virtual reality construction software, ray optics are used to create unique reflections 
and shadows within a scene composed of 3D objects and convert the scene to a flat 2D image. 
Facial recognition algorithms attempt to reconstruct the 3D shape from the reflections and 
shadows in a 2D photograph, which is the reverse of the ray optics construct. The reverse 
does not always yield reliable or functionally unique results. This process uses one flat 2D 
image which it compares to another flat 2D image. This method of 3D object reconstruction 
does not necessarily yield reliable results. That is why the US government solicits for new 
more reliable algorithms with higher match statistics. 


Figure 10: Facial Recognition Algorithms. 


With a 3D magnetometer sensor array, we are measuring a 3D vector field directly, and 
comparing it to previously recorded 3D vector field measurements. This eliminates much of 
the algorithmic calculations since there is nothing to reconstruct. The unique 3D vector field 
is already defined. The problem is reduced to assuring that the 3D measured field matches 
the stored 3D field uniquely. These are, nevertheless, nontrivial calculations which must be 
performed in real time. There is also finite analog-to-digital (A/D) conversion time and 
storage access time, in addition to computation time to make the algorithmic comparisons. 
The AI must decide if there has been any tampering by examining field aberrations. 
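The comparison described above, and the 9-site by 3-axis readout described under The 3D Magnetometer Array, as an added illustration that is not the paper's or Jackson Research's code: a point-dipole model of a triple-biased actuator over a constructed 3x3 sensor grid (10 mm pitch, 8 mm gap, arbitrary field units, and tolerance windows chosen only for the illustration), evaluated first the classical way (three comparators that see only |B|) and then as a whole-field vector match against the enrolled field. An opposite-polarity assembly presents identical magnitudes at every site and satisfies the classical check, and a constructed stray magnet near one corner sensor leaves all three comparators inside their window; only the vector comparison reports an aberration in both cases.

```python
"""Added illustration (not the paper's code): classical BMS check versus 3D-array
field-shape check, on a point-dipole model with constructed geometry and values."""
import math

# Constructed sensor geometry: 3x3 grid of three-axis magnetometers, 10 mm pitch,
# in the plane z = 0 (units: mm). Index 4 is the centre site.
SENSOR_SITES = [(x, y, 0.0) for y in (-10.0, 0.0, 10.0) for x in (-10.0, 0.0, 10.0)]
REED_SITES = (3, 4, 5)     # centre row: the three points a triple-biased BMS samples
REED_WINDOW = 0.25         # assumed: a comparator trips when |B| is within +/-25 % of set point
ARRAY_TOL = 0.10           # assumed: normalised vector residual the array tolerates
M = 1000.0                 # constructed dipole strength (arbitrary field units)
GAP = 8.0                  # constructed actuator-to-sensor gap (mm)


def dipole_field(site, pos, moment):
    """Field of a point dipole with moment vector `moment` at `pos`, evaluated at
    `site`: B = 3(m.r) r / |r|^5 - m / |r|^3 (constant factors dropped)."""
    r = [s - p for s, p in zip(site, pos)]
    rn = math.sqrt(sum(c * c for c in r))
    mdotr = sum(m * c for m, c in zip(moment, r))
    return tuple(3.0 * mdotr * c / rn ** 5 - m / rn ** 3 for m, c in zip(moment, r))


def field_snapshot(magnets):
    """Vector field at every sensor site for an assembly of (pos, moment) dipoles;
    this is what the 9-site x 3-axis array reads out in one sample."""
    snap = []
    for site in SENSOR_SITES:
        b = [0.0, 0.0, 0.0]
        for pos, moment in magnets:
            for i, v in enumerate(dipole_field(site, pos, moment)):
                b[i] += v
        snap.append(tuple(b))
    return snap


def magnitude(v):
    return math.sqrt(sum(c * c for c in v))


def classical_bms_secure(enrolled, measured):
    """Classical paradigm: three fixed comparators each see only |B| and report
    'secure' when it lies inside a window around the value they were set for."""
    for i in REED_SITES:
        ref, got = magnitude(enrolled[i]), magnitude(measured[i])
        if abs(got - ref) > REED_WINDOW * ref:
            return False
    return True


def array_field_secure(enrolled, measured, tol=ARRAY_TOL):
    """3D-array paradigm: the whole measured vector field must match the enrolled
    field shape; any aberration raises the normalised residual over all sites/axes."""
    num = sum((m - e) ** 2 for ev, mv in zip(enrolled, measured) for e, m in zip(ev, mv))
    den = sum(e * e for ev in enrolled for e in ev)
    return math.sqrt(num / den) <= tol


def triple_bias_actuator(polarity=1.0):
    """Classical triple-biased actuator: two outer magnets one way, centre reversed."""
    return [((-10.0, 0.0, GAP), (0.0, 0.0, polarity * M)),
            ((0.0, 0.0, GAP), (0.0, 0.0, -polarity * M)),
            ((10.0, 0.0, GAP), (0.0, 0.0, polarity * M))]


# Reference field recorded once with the genuine actuator in the closed-door position.
ENROLLED = field_snapshot(triple_bias_actuator())

# Constructed stray magnet near the corner sensor at (-10, 10, 0): a field aberration.
STRAY_MAGNET = ((-10.0, 10.0, 5.0), (0.0, 0.0, 0.2 * M))


def evaluate(magnets):
    """Return (classical_secure, array_secure) for an assembly presented to the sensor."""
    measured = field_snapshot(magnets)
    return classical_bms_secure(ENROLLED, measured), array_field_secure(ENROLLED, measured)


if __name__ == "__main__":
    cases = {
        "genuine actuator, door closed": triple_bias_actuator(),
        "opposite-polarity assembly (same |B| at every site)": triple_bias_actuator(-1.0),
        "genuine actuator plus stray magnet near one corner sensor":
            triple_bias_actuator() + [STRAY_MAGNET],
    }
    for name, magnets in cases.items():
        classical, array = evaluate(magnets)
        c_txt = "secure" if classical else "ALARM"
        a_txt = "secure" if array else "ALARM"
        print(f"{name:58s} classical BMS: {c_txt:6s}  3D array: {a_txt}")
```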


Comparing the Classical BMS to the 3D Magnetometer 


The classical BMS was adequate before the new rare earth magnets became available and
fit the technological era in which it was developed. It was more secure than the single
magnetic contacts that are still used today. Nowadays, however, the BMS Method can no
longer be considered substantially more secure than a single magnetic contact.


Some of the potential advantages of the 3D Magnetometer approach compared to the 
classical BMS approach include substantially better security, fewer Make or Break failures 
(such as contact sticking), and potentially lower false alarm rates from shock, vibration, or 
electromagnetic interference (such as lightning). Law enforcement should be particularly 
interested in the false alarm reduction rate. 


Note that all classical BMS and high security switches use electrical contacts. The original 
BMS [2] and its subsequent competition [3] used glass reed magnetic contacts, which are a 
subclass of electrical contacts. Later versions of BMS used novel magnetic contacts based 
upon permanent magnets [5] that became part of the electrical contact. But, in all cases, 
electrical contacts have been used exclusively until recent years, when Hall sensors have 
been substituted for the electrical contacts.[8] 


The problem with electrical contacts is wear. The famous book by R. Holm [9] details all 
of the various wear and failure modes. A primary focus of electrical contact design is to 
retard the wear and delay the ultimate failure modes. 


“Reed switches or relays eventually fail in one of three ways. They do not open when
they should (usually called “sticking”), they fail to close when they should (“missing”),
or their static contact resistance gradually drifts up to an unacceptable level.”[10]


Explicit detail on electrical contact wear was published by F. Llewellyn Jones.[11] There 
are numerous plates of wear and several showing electrical arcs resulting in material 
transfer. The physics of electrical arcs can be found in Thomson and Thomson [12], and 
Cobine [13]. 


Vibration is also a fundamental failure mode and a principal source of false alarms in the 
BMS. 


“Next, consider which axis has the strongest opportunity for shock or vibration 
signals. Switch orientation will minimize and sometimes effectively eliminate the 
possibility of false signals and damage.”[14] 


Shock and vibration physics is presented in fine detail, including reed vibration, by Peek 
and Wagner.[15] More physics on shock impulse can be found in the Engineers’ Relay 
Handbook.[16] 


This all equates to the Mean Time Between Failures (MTBF). Standardized details for the
measurement and calculation thereof can also be found in the Engineers’ Relay Handbook.[16]
MTBF is a purely statistical number with a distribution curve unique to the particular switch.
The life rating is always specified at a nominal voltage and current. I personally have run life
tests where switches failed within the first 10 actuations, when operated well within the
specified operation envelope and having an MTBF of 1 million.




Several references discuss susceptibility to electromagnetic interference (EMI), for which 
lightning, grouped with Electrostatic Discharge (ESD), is one example. Numerous texts on 
Electronic Compatibility discuss this in great detail. The major design references all address 
this type of failure mode and false contact generation.[15-19] One of my contractors always 
complained about the reed switch false alarm rates in areas with high electrical storm 
incidence. 


I have examined the design of all commercially available BMS of whatsoever type and have 
not found one single effort to harden any of the BMS security sensors against any kind of 
vibration or EMI, including lightning. They are all bare magnetic contacts with absolutely 
nothing else on board. Cut one open for yourself or have it X-rayed! In stark contrast, all of 
my 3D designs incorporate means intended to prevent any kind of interference, whether 
radiated or conducted. This includes common mode rejection and transient suppressors. 


Conclusion 


In this paper, I have brought up to date the history of Classical BMS’s. The evolution of the 
magnetic sensor technology has been driven to some extent by the need to overcome the 
Trivial Defeat attack. Basically, the BMS itself has not changed, only the sensors being used, 
yet these did not solve the problem. Many attempts have been made to substitute Hall 
sensors in this vein without success. There is one new device that was just presented at a 
trade show this year which is still going down this same path. The entire BMS device 
operational paradigm has to be rethought in favor of a completely new approach to detection 
and data analysis discussed in this paper. 


In my view, the best way to counter the Trivial Defeat is to detect and identify the 3D 
magnetic field and recognize it uniquely. There is a strong analogy to Facial Recognition 
techniques, but the salient feature of the new recognition algorithms is that they are based upon data 
collected by 3-dimensional vector sensor arrays. Unlike with biometrics, data conversions 
between 2 and 3 dimensions are unnecessary, saving enormous amounts of computation 
time. The most difficult aspect is creating the needed algorithms. They must operate in real-
time, along with all the other on-board operations, to maintain a fully functional device, and 
still use minimal microcontroller space. It should also be clear that virtual prototype 
software is necessary to construct such a complicated device. 
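As an added illustration of the recognition idea in this conclusion (example code written for this edition; it is not the author's algorithm nor code from any product), the block below enrolls a per-sensor template of 3D field vectors from a four-sensor array and accepts a later reading only when every sensor agrees with its template vector in both direction and magnitude. The sensor count, the angle and magnitude tolerances, and all field values are constructed assumptions; the "substitute" reading is simply a field that is near-uniform across the array and so matches none of the per-sensor geometry.

```python
import math
from typing import Dict, List, Sequence, Tuple

Vec3 = Tuple[float, float, float]


def _magnitude(v: Vec3) -> float:
    return math.sqrt(v[0] * v[0] + v[1] * v[1] + v[2] * v[2])


def _angle_deg(a: Vec3, b: Vec3) -> float:
    """Angle between two field vectors in degrees; a zero vector counts as maximally different."""
    ma, mb = _magnitude(a), _magnitude(b)
    if ma == 0.0 or mb == 0.0:
        return 180.0
    cos_theta = (a[0] * b[0] + a[1] * b[1] + a[2] * b[2]) / (ma * mb)
    return math.degrees(math.acos(max(-1.0, min(1.0, cos_theta))))


def enroll(samples: Sequence[Sequence[Vec3]]) -> List[Vec3]:
    """Average several secure-state readings of the whole array into one template vector per sensor."""
    n_sensors = len(samples[0])
    template: List[Vec3] = []
    for i in range(n_sensors):
        column = [s[i] for s in samples]
        template.append(tuple(sum(v[k] for v in column) / len(column) for k in range(3)))
    return template


def compare(template: Sequence[Vec3], reading: Sequence[Vec3],
            max_angle_deg: float = 5.0, max_mag_dev: float = 0.15) -> Dict[str, object]:
    """Accept only if every sensor's vector matches its template in direction and magnitude.

    Tolerances are assumptions for this example; a real device would derive them
    from the noise observed during enrollment.
    """
    if len(reading) != len(template):
        return {"match": False, "max_angle_deg": 180.0, "max_mag_dev": 1.0}
    worst_angle = 0.0
    worst_mag = 0.0
    for t, r in zip(template, reading):
        worst_angle = max(worst_angle, _angle_deg(t, r))
        mt = _magnitude(t)
        worst_mag = max(worst_mag, abs(_magnitude(r) - mt) / mt if mt else 1.0)
    return {
        "match": worst_angle <= max_angle_deg and worst_mag <= max_mag_dev,
        "max_angle_deg": round(worst_angle, 2),
        "max_mag_dev": round(worst_mag, 3),
    }


# Constructed readings (arbitrary units) from a four-sensor array: two enrollment passes
# taken with the actuator magnet in its secure position.
ENROLL_SAMPLES = [
    [(10.1, 0.0, 2.0), (0.0, 8.1, -3.0), (-6.0, 1.0, 4.1), (2.0, -7.0, 5.0)],
    [(9.9, 0.0, 2.0), (0.0, 7.9, -3.0), (-6.0, 1.0, 3.9), (2.0, -7.0, 5.0)],
]
# Constructed: the same actuator later, with small sensor noise.
GENUINE_READING = [(10.2, 0.1, 2.0), (0.1, 7.9, -3.1), (-6.1, 1.1, 4.0), (2.0, -7.1, 5.1)]
# Constructed: a field that is near-uniform across the array, i.e. not the enrolled geometry.
SUBSTITUTE_READING = [(0.0, 0.0, 12.0)] * 4


def run_demo() -> Tuple[Dict[str, object], Dict[str, object]]:
    template = enroll(ENROLL_SAMPLES)
    return compare(template, GENUINE_READING), compare(template, SUBSTITUTE_READING)


if __name__ == "__main__":
    genuine, substitute = run_demo()
    print("genuine:", genuine)
    print("substitute:", substitute)
```

The decisive feature is that the test is per sensor and per axis: a field that has the right overall strength but the wrong direction at even one sensor is rejected, which is the property a single-axis magnitude window cannot provide. On a microcontroller the same comparison can be done in fixed point with a dot-product threshold instead of `acos`, which avoids floating-point trigonometry in the real-time loop.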


References 
[1] JT Jackson, “Trivial Defeat of a Balanced Magnetic Switch”, Journal of Physical Security 
5(1), 1-11 (2011), http://jps.rbsekurity.com 


[2] TJ Holce, “Magnetically Actuated Sensing Device”, US Patent 4,210,889, 1970. 


[3] JT Jackson, “High Security Balanced Type Magnetically Actuated Proximity Switch 
System”, US Patent 5,668,533, 1997. 




[4] Federal Specification Components for Interior Alarm Systems, Balanced Magnetic 
Switches, W-A-450/1 August 28,1990, 
https://www.jrmagnetics.com/security/specs/wa450-1.pdf 


[5] JT Jackson, “Balanced Magnetic Proximity Switch Assembly”, US Patent 5,929,731, 
1999. 


[6] JT Jackson, “The Jackson High Security Switch and Radio Frequency System”, Thesis 
UMI Number 1389436, 1997, www.jrmagnetics.com. 


[7] RG Johnston and JS Warner, “Unconventional Security Devices”, Journal of Physical 
Security 7(3), 62-126 (2014), especially pages 85-88. 


[8] Maureen VanDyke, How an Environment Affects a Magnetic Switch, MagneLink, Inc., 
2019, https://www.magnelinkinc.com/blog/magnetic-switch-environment/ 


[9] R Holm, Electrical Contacts Theory and Applications, Springer, 1958, 1967, 1981, 2000. 


[10] “Testing Reed Switches and Relays for Reliability”, Coto Technology, Inc., 
https://www.cotorelay.com/wp-content/uploads/2014/05/Testing Reed Switches Relays for Reliability.pdf 


[11] FL Jones, The Physics of Electrical Contacts, Oxford at the Clarendon Press, 1957. 


[12] JJ Thomson and GP Thomson, Conduction of Electricity Through Gases, Dover, 1903, 
1928. 


[13] JD Cobine, Gaseous Conductors, Dover Publications, 1941. 


[14] “Reed Switches in Shock and Vibration Environments”, HSI Sensing, 2017, 


[15] RL Peek and HN Wagar, Switching Relay Design, D. Van Nostrand Company, Inc., 1955. 


[16] Engineers Relay Handbook, Fourth Edition, National Association of Relay 
Manufacturers, Milwaukee, Wisconsin, 1966, 1980, 1991. 


[17] JP Lockwood, Applying Precision Switches, Micro Switch, 1972. 


[18] Designers’ Handbook & Catalog of Reed and Mercury Wetted Contact Relays, Magnecraft 
Electric Co., 1966. 


[19] National Association of Relay Manufacturers, Proceedings 42nd Relay Conference, May 
9-11, 1994, Boston, Massachusetts. 


[20] UL, “UL 634, Standards for Connectors and Switches for Use with Burglar-Alarm 
Systems”, https://standardscatalog.ul.com/standards/en/standard 634 




Journal of Physical Security 12(3), 15-29 (2019) 


Physical Security Best Practices 


Irikefe Urhuogo-Idierukevbe, DBA.*, Archie Addo, Ph.D., 
Timothy L. Anderson, DBA.**, and Fazel Mohammed Khan, MBA* 


*School of Computer Sciences, University of the Cumberlands, Williamsburg, Kentucky 
** DeVoe School of Business, Indiana Wesleyan University, Marion, Indiana 


Abstract 

The physical security market is estimated to grow from $69.63 billion in 2016 to $112.43 
billion by 2021 (Willemsen & Cadee, 2018). In order to sustain this growth, reliable and 
capable security officers are needed. Security officers are important aspects of 
organizations’ physical security. Without security officers, an organization can be 
vulnerable to uninvited guests that may harm an organization’s internal and external 
environment. When security officers are not monitoring the environments they are tasked 
with, they neglect important details that may detrimentally affect the organization’s 
physical environment. Even though security officers may be distracted with different 
internal and external factors within their work environments, they cannot afford to pay 
little attention to their surroundings. A security officer should be able to account for all the 
individuals entering the premises of an organization. Organizations can be innovative by 
implementing certain best practices for physical security. This paper discusses some of 
these best practices for physical security. 


Key words: Security officers, organizations, command center, innovation, creativity 




Introduction 

Security officers work in a wide range of environments such as public and office 
buildings. As such, they are responsible for protecting and observing the physical 
environments of organizations (Fennelly, 2017; Thomas & Kenny, 2018; Willemsen & 
Cadee, 2018). Physical security can be defined as the protection of assets such as hardware, 
software, network personnel, and data from action or events that could lead to significant 
loss or damage to an organization (Johnston & Warner, 2014). The damages or losses from 
lack of physical security in an organization include fire, burglary, vandalism, theft, arson, 
and terrorism (Tahir & Malek, 2017). A commonly adopted strategy in implementing 
physical security is controlling access to the organization by using different types of 
barriers such as gates, walls, and fences that are overseen by security personnel stationed 
at guardhouses (Tahir & Malek, 2017). Even though security officers may be distracted 
with different internal and external factors within their work environments, they cannot 
afford to pay less attention to their surroundings. Thus, a security officer accounts for all 
the individuals entering the premises of an organization. Organizations can be innovative 
by implementing some best practices for physical security. 


Duties of Security Officers 

Security officers prevent risks, watch out for danger, and report any crime they may 
encounter (Doyle, Frogner, Andershed, & Andershed, 2016; Moreira, Cardoso, & Nalla, 
2015). In an emergency, security officers may call for assistance from the police, fire, or 
ambulance services. Some security officers may be armed while others may simply carry a 
stun gun (Fennelly, 2017; Moreira, Cardoso, & Nalla, 2015). Whether a security officer 
works at a shopping center or in a bank, he or she has a significant job to do, which is to 
prevent crime or harm to the organization (Doyle et al., 2016). 

Research shows that some security officers provide surveillance around the clock by 
working shifts of eight hours or longer with rotating schedules (Fennelly, 2017). Others 
spend substantial time on their feet, either assigned to a specific post or patrolling 
buildings and grounds (Noronha, Chakraborty, & D’Cruz, 2018). Such patrol routines are 
especially useful during holidays in conjunction with various festivals or school vacations 
when many residents leave their homes empty (Moreira, Cardoso, & Nalla, 2015). Because 
many burglaries occur during such periods, patrol frequency increases (Tahir & Malek, 
2017). 

A security officer is responsible for ensuring that all individuals within a premise are 
properly identified (Noronha et al., 2018). An unobservant officer might easily overlook 
something that could put lives in danger or miss out on witnessing a crime (Willemsen & 
Cadee, 2018). Often an organization’s personnel are given an identification card or badge 
that verifies their identity and permits them to access the organization buildings (Fennelly, 
2017). Guests are sometimes provided with a guest pass that would allow them temporary 
access to facilities in the organizations (Rowland & Coupe, 2014). Figure 1 outlines some of 
the responsibilities of security officers. 


Figure 1. Security Officers Responsibilities [diagram not reproduced in the extracted text] 


Best Practices for Physical Security 

In as much as security officers’ tasks can be repetitive in nature, security officers need to 
be innovative in their various responsibilities. Physical security has come a long way, 
especially with the innovation of information and artificial intelligence (Fennelly, 2017). 
The application of physical security has the potential to preserve security and peace of 
mind in a business environment. Indeed, business innovation is vital to the success of any 
organization. For organizations to meet global demand and trends, organizational 
management needs to be innovative in order to meet the growing needs of their 
customers. Innovation is not restricted to only the business aspect of organizations; it is 
also vital to the physical security aspect of an organization. Some ways 
organizations can be innovative are investing in portable security devices, investing in a 
comprehensive security system, and providing customized training for all security 
officers. This section suggests four ways security officers can be innovative. 


Portable Physical Security 

While security officers are expected to be vigilant, they cannot be everywhere at the 
same time. For instance, if security officers need to check an office or an area in the 
building, they should be able to use portable visual surveillance to supervise the other 
locations as they make their way to their destination. Security officers need portable 
technological devices that would enable them to supervise areas and locations that are 
inside and outside of the organization. When a threat is detected, such officers can reach 
out to other security officers for help to check the locations that need attention (Rowland & 
Coupe, 2014). By developing a security service that is built on mobile surveillance units, 
security officers can move around their organization freely without having to rush back to 
the command post in order to observe activities in other areas of the organization. The 
portable surveillance technology should not replace the organization’s current surveillance 
technology, but rather complement the surveillance system that is already in place. 

Using a location tracker for guards can increase security team accountability. This would 
increase real-time reporting and communication (Wang, 2018). In case of an incident, the 
incidents can be reported with supporting evidence. This approach can save time and extra 
effort in gathering details of an incident (Fennelly, 2017). Photos and videos can be loaded 
quickly and easily to support incident reporting. Real-time communications allow the 
security officers to quickly assess the situation and notify the management of the 
organization. 

Another best practice includes implementing robots to carry out surveillance rounds 
without human intervention. This approach can help security officers with touring the 
facility or campus, which can be monotonous work that often leads to fatigue and boredom. 
For large organizations, a land-based drone can be used onsite for emergencies. The drone 
can get to a site faster than security officers. The use of drones can also lead to minimizing 
harm when security officers are physically monitoring a dangerous situation. 

Considering that security officers are tasked with monitoring the environment of 
organizations, it is important for security officers to be alert and observant of the activities 
in their organization’s environments (Moreira, Cardoso, & Nalla, 2015; Noronha et al., 
2018). Security officers view hundreds of live feeds from their control center daily. As 
such, they are expected to recognize unwanted intruders or threats before the threat 
becomes a problem. When a threat is detected, security officers often use the camera in 
their command center to navigate the environment of the threat (Saarikkomaki & 
Kivivuori, 2016). When navigating the camera from the control center, security officers 
focus on the area of the threat to see what is happening. In some cases, it might just be that 
someone left an unidentified package, while other threats might simply be a building that is 
left open by employees. Whatever the threat may be, the command center needs to use the 
cameras in their post to investigate the threat before going out to the site of the threat in 
person. 


Comprehensive Security System 


Just as portable security systems can make access to a remote location easier for security 
officers, a comprehensive security system can reduce the workload of security officers. 
One of the best practices to consider in terms of physical security is investing in security 
systems that would help an organization to keep track of incident reports or alerts in their 
business environment. A security system such as Securitas’ Connect/Vision can help 
management determine incident status and the organization’s daily activities in their 
business environment simply by logging into Securitas’ website. Because different people 
may go in and out of a room or building often, it is important that security personnel are on 
high alert for uninvited guests. When the command center notices any movement that is 
suspicious, they need to check it at once to ensure it is not a threat that would potentially 
affect the daily operation of the organization. All potential threats in a work environment 
should be investigated; no threat should be considered too insignificant to be 
investigated (Rowland & Coupe, 2014). By logging into Securitas’ website, management 
can recognize areas in which security needs to be strengthened. Considering that physical 
security in a work environment is vital to the daily operation of an organization, it is 
important for leaders of organizations to invest in technology that would help them to be 
innovative and one that would set them apart from their competitors. 

Another best practice for physical security is ensuring that the command center 
operators keep detailed documentation of the incidents and threats they observe or 
witness in person. Because security command center operators observe different live 
incidents as they happen, they are in a better position to provide details of what happened 
(To et al., 2018). As threats are documented and recorded, security officers can revisit the 
event by reviewing the recordings so that they will have all the details they need to 
document the incident for upper management or the police in case they need written 
documentation of the events (Rowland & Coupe, 2014). Even though written 
documentation of the footage may be needed, the organization may have a written policy of 
how long the command center is to keep the footage. Some organizations may keep footage 
for six months, while others for a year. The duties in different work environments can be 
challenging for security officers (Botacin, 2018). From scheduling shifts to sending reports 
to organizational management, this can be overwhelming. A monitoring software 
application can decrease the overwhelming tasks by streamlining administration duties. 
The benefits of this approach include avoiding shift scheduling errors, communication 
mishaps, and other common problems that can disrupt the ability to deliver reliable 
security service. 

A security guard monitoring system can ensure that the guards and the organization are 
protected (Fennelly, 2017). A typical example is a push notification indicating that a 
security officer failed to arrive at a checkpoint. This could provide an alert of a medical 
emergency being experienced by one of the employees. The guard recording via video can 
link to law enforcement to identify and quickly apprehend intruders who may break into 
the organization premises. Tracking and communications are critical elements of a high- 
quality monitoring system that can lead to physical and financial safety for the 
organization. 

Another best practice to consider in terms of physical security is investing in a patrol 
monitoring system. This significantly increases accountability. Other tools that contribute to 
accountability include automatic timekeeping, Global Positioning System (GPS) tracking for 
specific locations, and electronic checkpoints to ensure that the security officers are 
following shift procedures, showing up for their patrols on time, and performing all other 
duties. Such high-tech systems should send automatic alerts when a guard fails to report at 
strategic locations in a timely manner. 
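One way to implement the missed-checkpoint alerting described in the two paragraphs above (example code added for this edition; it is not part of the paper and not the code of any guard-tour product): a schedule of expected checkpoint times with a grace period, a parser for scan records, and an evaluator that classifies each stop as ok, late, missed, or pending. The record format, checkpoint names, guard id and timestamps are constructed assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Iterable, List

# Constructed record format for this example (not any vendor's format):
#   <ISO timestamp> guard=<id> checkpoint=<id> scan=<ok|fail>
SCAN_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) guard=(?P<guard>\S+) "
    r"checkpoint=(?P<cp>\S+) scan=(?P<result>\w+)$"
)


@dataclass(frozen=True)
class Stop:
    checkpoint: str
    due: datetime       # when the officer is expected at this checkpoint
    grace: timedelta    # tolerance on either side of `due` before an alert is raised


def build_tour(start: datetime, checkpoints: List[str],
               interval: timedelta, grace: timedelta) -> List[Stop]:
    """Expected schedule: checkpoints visited in order, one every `interval` after `start`."""
    return [Stop(cp, start + i * interval, grace) for i, cp in enumerate(checkpoints)]


def parse_scans(lines: Iterable[str]) -> Dict[str, List[datetime]]:
    """Map checkpoint id to sorted timestamps of successful scans.

    Malformed lines and failed scans are dropped: neither proves the officer was there.
    """
    scans: Dict[str, List[datetime]] = {}
    for line in lines:
        m = SCAN_RE.match(line.strip())
        if not m or m.group("result") != "ok":
            continue
        ts = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%S")
        scans.setdefault(m.group("cp"), []).append(ts)
    for stamps in scans.values():
        stamps.sort()
    return scans


def evaluate_tour(stops: List[Stop], scans: Dict[str, List[datetime]], now: datetime) -> List[dict]:
    """Status per stop: ok, late, missed, or pending (deadline not yet reached, so no alert)."""
    results = []
    for stop in stops:
        deadline = stop.due + stop.grace
        seen = scans.get(stop.checkpoint, [])
        on_time = [t for t in seen if stop.due - stop.grace <= t <= deadline]
        late = [t for t in seen if deadline < t <= now]
        if on_time:
            status, detail = "ok", on_time[0].isoformat()
        elif late:
            minutes = int((late[0] - deadline).total_seconds() // 60)
            status, detail = "late", f"scanned {minutes} min after the grace deadline"
        elif now > deadline:
            status, detail = "missed", f"no scan by {deadline.isoformat()}"
        else:
            status, detail = "pending", f"due {stop.due.isoformat()}"
        results.append({"checkpoint": stop.checkpoint, "status": status, "detail": detail})
    return results


def alerts(results: List[dict]) -> List[dict]:
    """Only late and missed stops are escalated; pending stops would be false alarms."""
    return [r for r in results if r["status"] in ("late", "missed")]


# Constructed check-in records for one tour: CP-3 is late, CP-4 reports a failed scan,
# and one line is not a scan record at all.
SAMPLE_LOG = """
2019-06-01T22:00:42 guard=G17 checkpoint=CP-1 scan=ok
2019-06-01T22:14:10 guard=G17 checkpoint=CP-2 scan=ok
this line is not a scan record
2019-06-01T22:39:05 guard=G17 checkpoint=CP-3 scan=ok
2019-06-01T22:46:00 guard=G17 checkpoint=CP-4 scan=fail
""".strip().splitlines()


def run_demo(now: datetime = datetime(2019, 6, 1, 22, 55)) -> List[dict]:
    tour = build_tour(datetime(2019, 6, 1, 22, 0), ["CP-1", "CP-2", "CP-3", "CP-4", "CP-5"],
                      interval=timedelta(minutes=15), grace=timedelta(minutes=5))
    return evaluate_tour(tour, parse_scans(SAMPLE_LOG), now)


if __name__ == "__main__":
    results = run_demo()
    for r in results:
        print(r)
    print("escalate:", [a["checkpoint"] for a in alerts(results)])
```

The `pending` state is what keeps the system credible: a checkpoint whose deadline has not yet passed is not an alert, otherwise the control room learns to ignore the notifications. A `missed` stop should be routed to a person immediately rather than just logged, since, as the paper notes, the officer who did not arrive may be the one having the medical emergency.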


Security Curriculum 

An organization’s managers need to outline the training curriculum for their security 
officers, and also identify appropriate education institutions to help train future security 
guards for the organization. Even though security officers are trained using a basic 
curriculum, every organization is different and as such, one-size-fits-all security training 
may not be enough for every organization. Thus, creating a standard training guideline for 
all security officers can help an organization hire and retain qualified security officers. 

A best practice to consider in terms of physical security is training security officers on 
how to avoid physical breaches within an organization. Often the damages from lack of 
physical security are overlooked by an organization’s upper management. If a proper 
approach is taken, damage can be prevented or mitigated. Security officers need to ensure 
obstacles are placed in the way of potential intruders. Physical sites need to be 
safeguarded to avoid accidents, attacks, and environmental disasters. These obstacles can 
include locks, fencing, access control systems (including biometrics), and fire suppression. 
Figure 2 depicts how innovation is applicable to an organization’s physical security. Figure 
3 conveys a model for an organization’s physical security. 


Figure 2: Innovation and Organization’s Physical Security. [diagram not reproduced in the extracted text] 


Figure 3: Organization’s Physical Security Model. [diagram not reproduced in the extracted text; labels visible in the extraction: Exterior Fence, Motion, CCTV cam] 


Education 

Because security officers’ jobs require substantial responsibilities and skills, there is a 
need to train security officers appropriately. For learning to be effective and relevant to 
real-world situations, it is essential to follow the proper content design and teaching 
practices. There should be an established process to help security officers effectively 
transfer the information they learned to their work responsibilities. Weber (2014) noted 
that leaders of an organization need to build application objectives and transfer processes 
that would support the learning transfer process. Education and training present a prime 
opportunity to expand the knowledge of all security officers. 

Education and training provide both the organization as a whole and security officers 
with benefits that make the cost and time a worthwhile investment. Providing the 
necessary training creates knowledgeable staff who can take over for one another as 
needed as the organization sees fit and staff who can work on teams or independently 
without constant help and supervision from others (Fennelly, 2017). Education and 
training also build security officers’ self-reliance as a result of developing a robust 
understanding of the security industry and the responsibilities of their jobs. This self- 
assurance motivates security officers to perform their duties better and think of new ideas 
that would help them advance in their careers. Continuous training also keeps security 
officers informed of industry developments. 


Summary 

In order to ensure that an organization's physical environment is secure, organizational 
management needs to ensure that they introduce best practices for physical security. The 
best practices that are introduced within an organization should correspond with the 
organization's goals and objectives. The Internet of Things (IoT) is growing very quickly, 
and there is an even greater need to protect organizations. Organizations have a duty to 
protect their infrastructure and the devices in their environment. After thorough 
identification of physical security risks, there is a need to provide appropriate training to 
the organizations’ security officers that are assigned to specific posts (Klein, Ruiz, & 
Hemmens, 2019). 




About the Authors 

Irikefe Urhuogo-Idierukevbe is a professor of information technology at the University 
of Cumberlands. She has been with the university for three years. Her areas of research 
include business administration, information technology and information system 
management. 

Archie Addo is a professor of information technology at the University of the 
Cumberlands. He has been with the university for two years. His areas of research include 
big data, information technology, information system management, data science, and 
information security. 

Timothy L. Anderson is a professor of business at Wesleyan University. He has been 
with the university for 3 years. His area of research includes business administration and 
management. 

Fazel Mohammed Khan is an Executive Master Level Student at the School of 
Computer Sciences, University of the Cumberlands, Williamsburg, Kentucky. 


References 

Ardic, C., Usta, O., & Ozturk, G. Z. (2018). The relationship between the situation of being 
exposed to violence and the burnout in security guards working in the 
hospital. Konuralp Medical Journal / Konuralp Tip Dergisi, 10(2), 153-159. 

Botacin, M., De Geus, P. L., & Grégio, A. (2018). Who Watches the Watchmen: A Security- 
focused Review on Current State-of-the-art Techniques, Tools, and Methods for 
Systems and Binary Analysis on Modern Platforms. ACM Computing Surveys, 1(51), p. 
1-34. 




Doyle, M., Frogner, L., Andershed, H., & Andershed, A.-K. (2016). Feelings of safety in the 
presence of the police, security guards, and police volunteers. European Journal on 
Criminal Policy & Research, 22(1), 19-40. 

Fennelly, L. J. (2017). Effective physical security (5th ed.). Elsevier Inc. 

Johnston, R. G., & Warner, J. S. (2014). Is physical security a real field? Journal of Physical 
Security, 7(3), 13-15. 

Klein, M. S., Ruiz, L., & Hemmens, C. (2019). A statutory analysis of state regulation of 
security guard training requirements. Criminal Justice Policy Review, 30(2), 339-356. 

Moreira, S., Cardoso, C., & Nalla, M. K. (2015). Citizen confidence in private security guards 
in Portugal. European Journal of Criminology, 12(2), 208-225. 

Noronha, E., Chakraborty, S., & D’Cruz, P. (2018). ‘Doing dignity work’: Indian security 
guards’ interface with precariousness. Journal of Business Ethics. 
https://doi.org/10.1007/s10551-018-3996-x 

Rowland, R., & Coupe, T. (2014). Patrol officers and public reassurance: A comparative 
evaluation of police officers, PCSOs, ACSOs and private security guards. Policing & 
Society, 24(3), 265-284. 

Saarikkomaki, E., & Kivivuori, J. (2016). Encounters between security guards and young 
people: the extent and biases of formal social control. Policing & Society, 26(7), 824- 
840. 

Tahir, Z., & Malek, J. A. (2017). Elements of security for a gated and guarded community in 
the context of smart living. E-BANGI Journal, 12(3), 1-11. 

Thomas, S. A., & Kenny (2018). Modernizing the coast guard financial community. Armed 
Forces Comptroller, 1(63), p. 39-40. 

To, W.-M., Lee, P. K. C., & Lam, K.-H. (2018). Building professionals’ intention to use smart 
and sustainable building technologies - An empirical study. PLoS ONE, 13(8), 1-17. 

Wang, J., Hong, Z., Zhang, Y., & Jin, Y. (2018). Enabling security-enhanced attestation with 
Intel SGX for remote terminal and IoT. IEEE Transactions on Computer-Aided Design 
of Integrated Circuits & Systems, 1(37), p. 88-96. 

Weber, E. (2014). Turning learning into action: A proven methodology for effective transfer 
of learning. London, England: Kogan Page. 

Willemsen, B., & Cadee, M. (2018). Extending the airport boundary: Connecting physical 
security and cybersecurity. Journal of Airport Management, 12(3), 236-247. 




Journal of Physical Security 12(3), 30-32 (2019) 


Viewpoint Paper 


Design Reviews Versus Vulnerability Assessments for Physical Security* 


Roger G. Johnston, Ph.D., CPP 
Right Brain Sekurity 
http://rbsekurity.com 


A Vulnerability Assessment (VA) involves identifying and perhaps testing/demonstrating 
security flaws and likely attack scenarios, then recommending changes to how the security 
device, system, or program is designed or used. This is done in hopes of improving 
security. 


Getting security managers and organizations to pursue a VA can be challenging. For one 
thing, VAs often get confused with other, more familiar and comfortable analysis 
techniques which either (1) aren't primarily about vulnerabilities at all, or (2) do have 
something minor to say about vulnerabilities but aren't typically very good at profoundly 
uncovering new vulnerabilities.[1,2] For example, a VA is not a “test” or a “certification” 
process for a security product or program. It is something quite different from “Red 
Teaming”, penetration testing, security surveys, Threat Assessments, Risk Management, 
fault/event trees, and Design Basis Threat—though these things might well be worth doing. 


Another impediment to arranging for VAs is that they are typically time-consuming and 
relatively expensive. This is especially true given that VAs should ideally be done 
periodically and iteratively from the earliest design stage through marketing and deployment of a 
new security product, system, strategy, or program. 


Perhaps more daunting, VAs are often feared by security managers and organizations 
because an effective VA will inevitably uncover multiple vulnerabilities. In my view, this is 
the wrong mindset for thinking about security, but it nevertheless is quite common. 
Finding a vulnerability is actually good news because vulnerabilities are always present in 
large numbers, and finding one means we can potentially do something about it. Moreover, 
it is my experience that serious vulnerabilities can often be mitigated or eliminated with 
simple changes to the design of a security product/program, or how it is used. But the 
security improvements aren’t possible if the vulnerabilities go unrecognized! 


I have found that many security managers and organizations are much more comfortable 
with a “Design Review”, rather than a Vulnerability Assessment. Arranging for a review of 
the design of a security product, system, strategy, or program is more familiar—and a 
whole lot less scary—than targeting security flaws. In a Design Review, there is a brief 
review of the design and engineering issues, and then recommendations are offered for 
improving the design or the use protocol. Fewer vulnerabilities, attack scenarios, and 
countermeasures are developed in a Design Review than for a VA, and they are typically 
not tested or demonstrated like in a VA. 


*This paper was not peer reviewed. 


While a Design Review will not permit as deep an understanding of vulnerability issues 
as a VA, it still offers the security manager or organization the opportunity to improve their 
security at modest cost in a short period of time. Moreover, in my experience, about half of 
the organizations that arrange for a Design Review eventually commission a Rudimentary 
Vulnerability Assessment (RVA) or a Comprehensive Vulnerability Assessment (CVA) once 
they see the results and recommendations from the Design Review, and that those results 
aren’t all that frightening. Most of the work that went into the Design Review is directly 
applicable to conducting either a RVA or a CVA. The main differences between a RVA and a 
CVA are time, cost, and the number of vulnerabilities, attacks, and countermeasures that 
can be found and demonstrated. 


An alternative to a Design Review is a Market Analysis where a new security product is 
compared to existing products. Potential applications and end users are also identified. A 
Market Analysis can be a relatively non-frightening way to introduce some vulnerability 
issues and potential countermeasures without seeming to overtly criticize the security 
product or service. 


The bottom line: sometimes a Design Review or a Market Analysis can sneak in 
information about vulnerabilities, attack scenarios, and possible countermeasures in a 
more palatable way than a Vulnerability Assessment. This can be helpful for security 
managers and organizations who are hesitant or fearful of learning about their security 
vulnerabilities, or don’t have the time or funding for a true Vulnerability Assessment. 


About the Author 


Roger G. Johnston, Ph.D, CPP is head of Right Brain Sekurity (http://rbsekurity.com), a 
company devoted to design reviews, vulnerability assessments, market analyses, and R&D 
for physical security. LinkedIn: http://www.linkedin.com/in/rogergjohnston. 


References 


1. RG Johnston, “Being Vulnerable to the Threat of Confusing Threats with Vulnerabilities”, 
Journal of Physical Security 4(2), 30-34, 2010, http://jps.rbsekurity.com. 


2. RG Johnston and JS Warner, “Debunking Vulnerability Assessment Myths”, 
SecurityInfoWatch, August 6 & 13, 2013, 
Part 1: http://www.securityinfowatch.com/article/11078830/experts-discuss-commonly-held-misconceptions-about-vulnerability-assessments 
Part 2: http://www.securityinfowatch.com/article/11108983/experts-discuss-the-characteristics-of-good-vulnerability-assessors 


